A new dangerous Android vulnerability has been identified by security experts and named Achilles. The reports indicate that devices powered by Qualcomm chipsets are affected: more than 400 bugs have been discovered.
The Achilles Android Vulnerability Found in Qualcomm Devices
Android devices have been found to be vulnerable to a new dangerous bug called Achilles. It was recently reported to the Android community and appears to be a collection of over 400 bugs in the embedded Qualcomm chipsets. It appears that the core of the issues is a disruption in the DSP processor functions. This leads to improper handling of the most important features of the Android device: process execution, charging and multimedia execution.
Malicious code can crafted which takes advantage of the unpatched devices. Prospective hackers can use this by using different distribution campaigns – from directly creating virus files to using payload carriers and SPAM email messages. Using malicious apps prospective hackers can be used to take over control of the victim Android devices or steal user data. Advanced variants can be used to change the device settings leading to usability and performance issues.
As the Qualcomm chipset powers all essential activities of a smartphone or tablet (the most popular categories of Android devices) by taking advantage of the Achilles vulnerability the hackers can also tap into the location data. The multimedia appliances can be used to spy on the victims in real-time by recording audio and video.
At this moment there are no reported cases of hackers abusing the Achilles vulnerability in active campaigns. However it would probably not take for hackers to insert the required exploits in their hacking tools. Qualcomm has also responded publicly by stating that they will release patches in order to fix the weaknesses.